On the Per-Computer Settings page, you create settings profiles that specify how often to install software on workstations and servers. You can also define settings to prevent tampering and unauthorized uninstallation of the software.
Settings vary for WatchGuard EPDR, WatchGuard EDR, and WatchGuard EPP. If you do not see a setting in the web UI, it is not supported by your product.
To configure a per-computer settings profile:
- From the top navigation bar, select Settings.
- From the left pane, select Per-Computer Settings.
- Select an existing security settings profile to edit, copy an existing profile, or in the upper-right corner of the page, click Add to create a new profile.
The Add Settings or Edit Settings page opens.
- In the Name text box, type a name for the settings profile.
- (Optional) In the Description text box, type a brief description of the settings profile.
- Configure these settings, as required:
- Click Save.
The new settings profile displays in the list.
- Select the profile and assign recipients, if required.
For more information, see Assign a Settings Profile.
You can choose to show the WatchGuard icon in the system tray of computers where WatchGuard Endpoint Security is installed.
To show the WatchGuard icon in the system tray:
- Select Preferences.
- Enable the Show icon in the system tray toggle.
Configure the time and frequency of updates of the client software.
Update options are not configurable for Android devices. For more information, see Configure Android Device Security Settings.
To configure updates to the endpoint security software:
- Select Updates.
- To automatically update the software on computers, enable the toggle.
Updates occur as soon as they are available unless you specify a day and time.
- Specify the time when the software can update:
- To apply updates to the software on managed computers during a specified time period, specify the Start Time and End Time.
- To allow updates to the software on managed computers at any time, select the Anytime check box.
- To specify the days on which to apply software updates, select an option from the Apply Updates Only on the Following Days list:
- Any Day — Applies updates when they are available, on any day of the week or month.
- Days of the Week — Select the days of the week to apply updates. You must select at least one day. When an update is available, it runs on the first day of the week that matches the selection.
- Days of the Month — In the Start Day and End Day boxes, select the days of the month between which to apply updates. When an update is available, it runs on the first day of the month that matches the selection.
- On the Following Days — In the From and To calendars, select the dates between which to apply updates. This update does not repeat.
From the If a Restart Is Necessary to Complete the Update Process list, select an option:
- Do Not Restart Automatically — A restart dialog box on the target computer prompts the user to restart the computer. The dialog box continues to open until the computer restarts.
- Automatically Restart Workstations Only — Computers automatically restart after the update completes. Servers do not restart automatically.
- Automatically Restart Servers Only — Servers automatically restart after the update completes. Computers do not restart automatically.
- Automatically Restart Workstations and Servers — Computers and servers automatically restart after the update completes.
Configure security against tampering to ensure that only authorized users can uninstall, disable, or uninstall WatchGuard Endpoint Security.
To configure security against tampering:
- Select Security Against Unauthorized Protection Tampering.
- To require the user on the client computer to enter a password to uninstall WatchGuard Endpoint Security, enable the Request Password to Uninstall the Protection from Computers toggle.
- To allow administrators to temporarily manage computer security settings from the client software on the computer, enable the Allow the Protections to Be Temporarily Enabled/Disabled from the Computer's Local Console toggle.
- To prevent users and malware when they try to disable protection, enable the Enable Anti-Tamper Protection toggle.
For more information, see Enable a Password to Prevent Unauthorized Protection Tampering.
- If you enabled any of the toggles, enter the password the user must enter on the client computer in the Password Required to Perform Advanced Management Tasks Locally from your Computers text box.
If a computer loses its license because it is manually removed or
because it expires or is canceled, the Anti-Tamper Protection and password-based
uninstallation protection are disabled.